Hi Hmm, there is a problem with Bind9, if you reload the config, it falls over, everybody pointed at Bind9, but now I am not so sure. Could it be that it is actually a Samba problem ?? I am not sure, if this may be related. We had SAMBA-BIND-DNS problems after an upgrade from CentOS-7.4 to CentOS-7.5 We were running a self compiled samba 4.7 During the Upgrade from Centos-7.4 -> 7.5 in /etc/krb5,conf the following line was added at the very beginning of the file (not in any section) includedir /etc/krb5.conf.d/ and this seems to lead to problems with samba/heimdal kerberos. Bind was unable to access samba DNS due to kerberos errors any more . When I removed the line above from /etc/krb5,conf it works as before Regards Hansjörg Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba ---------------------------- Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an hansjoerg.maurer at itsd.de. Our system is equipped with an email encryption gateway. If you want email sent to you to be encrypted please send a S/MIME signed email or your PGP public key to hansjoerg.maurer at itsd.de.
On Mon, 4 Jun 2018 11:43:10 +0200 Dr. Hansjoerg Maurer via samba <samba at lists.samba.org> wrote:> Hi > > > > > > > > > > > > > Hmm, there is a problem with Bind9, if you reload the config, it falls > over, everybody pointed at Bind9, but now I am not so sure. Could it > be that it is actually a Samba problem ?? > > I am not sure, if this may be related. > > We had SAMBA-BIND-DNS problems after an upgrade from CentOS-7.4 to > CentOS-7.5 > > We were running a self compiled samba 4.7 > > During the Upgrade from Centos-7.4 -> 7.5 in /etc/krb5,conf > > the following line was added at the very beginning of the file (not > in any section) > > > > includedir /etc/krb5.conf.d/ > > > > and this seems to lead to problems with samba/heimdal kerberos. > > Bind was unable to access samba DNS due to kerberos errors any more . > > > > When I removed the line above from /etc/krb5,conf it works as before > > > > Regards > > > > Hansjörg > > > > > > > Rowland >These are both known problems ;-) Do not reload the Bind config, restart Bind, I would also check the logrotate file, it normally reloads the config, at which point Bind9 falls over ;-) The line you allude to, is for MIT and if you follow the instructions in the wiki, you will not have it. Rowland